Vulnerabilities > CVE-2006-6665 - Buffer Overflow vulnerability in AstonSoft DeepBurner DBR Compilation
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Buffer overflow in Astonsoft DeepBurner Pro and Free 1.8.0 and earlier allows user-assisted remote attackers to execute arbitrary code via a long file name tag in a dbr file.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Exploit-Db
description DeepBurner 1.8.0 .dbr File Parsing Buffer Overflow Exploit. CVE-2006-6665. Local exploit for windows platform file exploits/windows/local/2950.c id EDB-ID:2950 last seen 2016-01-31 modified 2006-12-19 platform windows port published 2006-12-19 reporter Expanders source https://www.exploit-db.com/download/2950/ title DeepBurner 1.8.0 - .dbr File Parsing Buffer Overflow Exploit type local description AstonSoft DeepBurner (DBR File) Path Buffer Overflow. CVE-2006-6665. Local exploit for windows platform id EDB-ID:16675 last seen 2016-02-02 modified 2010-09-20 published 2010-09-20 reporter metasploit source https://www.exploit-db.com/download/16675/ title AstonSoft DeepBurner DBR File Path Buffer Overflow
Metasploit
description | This module exploits a stack-based buffer overflow in versions 1.9.0.228, 1.8.0, and possibly other versions of AstonSoft's DeepBurner (Pro, Lite, etc). An attacker must send the file to victim and the victim must open the file. Alternatively it may be possible to execute code remotely via an embedded DBR file within a browser, since the DBR extension is registered to DeepBurner. |
id | MSF:EXPLOIT/WINDOWS/FILEFORMAT/DEEPBURNER_PATH |
last seen | 2020-03-09 |
modified | 2017-09-14 |
published | 2010-02-03 |
references | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6665 |
reporter | Rapid7 |
source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/fileformat/deepburner_path.rb |
title | AstonSoft DeepBurner (DBR File) Path Buffer Overflow |
Packetstorm
data source | https://packetstormsecurity.com/files/download/85992/deepburner_path.rb.txt |
id | PACKETSTORM:85992 |
last seen | 2016-12-05 |
published | 2010-02-05 |
reporter | Expanders |
source | https://packetstormsecurity.com/files/85992/AstonSoft-DeepBurner-DBR-File-Path-Buffer-Overflow.html |
title | AstonSoft DeepBurner (DBR File) Path Buffer Overflow |